Mr. Business owner/manager if you do not take Cybersecurity seriously then it will bite you but how exactly?
Spend money on cybersecurity or you will eventually get attacked… I know that is hard to understand fully
As discussed before The Psychology of Security (Oversitesentry post from 8/22/14)
Believe it or not on a regular basis we tend to seek risks when there could be losses . So what does that mean with regards to Cybersecurity? Well, if you do nothing with Cybersecurity efforts on your computers and network devices then you are risking ransomware taking all of your data and thus testing your IT backup processes. But knowing or not knowing (maybe subconscious) we do not accept that we have to address a risk such as ransomware. Even if ransomware could destroy our data. Part of the problem is that we are running our business and home life with certain levels of computing and every day things are working as we expect. So why should we spend more time with Cybersecurity concerns?
- the right thing to do – create a proper cybersecurity
- The more we disregard the threat and the potential impact could be higher
So this phenomenon becomes a vortex of
NOTHING to see here – keep moving
to
When attackers find weaknesses then the attack could put your small business out-of-business (if no backup tests were done and the right circumstances create the perfect storm).
Eventually this weird sense of not wanting to deal with cybersecurity because it increases risk will be your undoing.
So what does it really mean?? Cybersecurity or Else?
It means you can go out of business if you lose all your data and cannot recreate them in a reasonable amount of time or at all.
This has happened before:
The above is an old picture, but likely has not changed much if at all. We are unfortunately creatures of habit.
So these are your choices
Everyone makes an unconscious decision to spend some, more or no time on Cybersecurity for a variety of reasons.
What has to be done is to check your systems with testing and auditing process, such as with a CISA certified person. Like Us – Contact Us
So what is really happening is the CISA audit is a type of catastrophic insurance. If audits are done on a regular basis then the computer systems will not get to the point of catastrophe (losing all data with no recovery).
Maybe what is needed is to frame the debate of cybersecurity is to focus on the business aspects.
No cybersecurity attention? then $100k in costs or loss of business outright.
How to fix this? Management must be more cybersecurity savvy, and ask the right questions to the cybersecurity professionals.